Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Bem, meu notebook ficou lento duma hora pra outra, e até as musicas (e outros sons) ficam travando.
Já fiz escaneamentos, mas não encontrei nada.
Já tenho o notebook faz mais de 1 ano e, nunca me deu problemas antes.
Log do HijackThis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:31:00, on 16/04/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Baidu Security\PC Faster\3.2.0.9\PCFaster.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Users\user\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oquefazernainternet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oquefazernainternet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oquefazernainternet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.oquefazernainternet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oquefazernainternet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oquefazernainternet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.oquefazernainternet.com/q/%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão de Conta da Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [sidebar] "C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
O4 - HKLM\..\Run: [baidu PC Faster 3.2.0.9] "C:\Program Files (x86)\Baidu Security\PC Faster\3.2.0.9\PCFaster.exe" -auto -start
O4 - HKLM\..\RunOnce: [!CD] C:\Windows\temp\dragon_setup.exe /S
O8 - Extra context menu item: Baixar com Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{259FC381-5CC9-4C18-9EA9-15D44249EC82}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CCS\Services\Tcpip\..\{64966CA4-9BA6-42F1-AA52-A576E8E66912}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{D89BA3BF-8CBE-40A6-9028-B05D3895C605}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC773372-8EBB-49DF-AC38-394BC63D1E18}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{259FC381-5CC9-4C18-9EA9-15D44249EC82}: NameServer = 208.67.222.123,208.67.220.123
O17 - HKLM\System\CS2\Services\Tcpip\..\{259FC381-5CC9-4C18-9EA9-15D44249EC82}: NameServer = 208.67.222.123,208.67.220.123
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Baidu Antivirus Service (BAVSvc) - Baidu, Inc. - C:\Program Files (x86)\Baidu Security\Cloud Security\BAVSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files (x86)\GameTracker\GSInGameService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeO23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Baidu PC Faster Service 3.2.0.9 (PCFasterSvc_{PCFaster_3.2.0.9}) - Baidu Inc. - C:\Program Files (x86)\Baidu Security\PC Faster\3.2.0.9\PCFasterSvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12556 bytes
Log ADW Cleaner
http://cjoint.com/13av/CDqvi3YNCn3.htm
JRT
http://cjoint.com/13av/CDqvAKQ3RsF.htm
HijackThis
Boa Tarde! michel+
|- Desinstale: < Baidu Security >
-/-
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oquefazernainternet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oquefazernainternet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oquefazernainternet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.oquefazernainternet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oquefazernainternet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oquefazernainternet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.oquefazernainternet.com/q/%s
O4 - HKLM\..\Run: [baidu PC Faster 3.2.0.9] "C:\Program Files (x86)\Baidu Security\PC Faster\3.2.0.9\PCFaster.exe" -auto -start
O8 - Extra context menu item: Baixar com Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O9 - Extra button: (no name) - {09E90109-A9AA-4980-BCEF-76F8D924E902} - (no file) (HKCU)
|- Abra o HijackThis.
|- Clique: Do a system scan only
|- Marque estas entradas em vermelho e clique "Fix checked".
-/-
|- Baixe: | ftp://zebulon.fr/ZHPDiag2.exe'>ZHPDiag2 | ºº < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/NicolasCoolman.jpg&key=31eaca9d787a5cb7b785eaca882cfe95bdd41bfffaf35086b6e7ecf044ef83cf" alt="NicolasCoolman.jpg" /> > ºº ( ... de Nicolas Coolman )
|- Salve-o no desktop!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag2.jpg&key=178ad18b812c89ff002c2f7a6a9d26b7ea0a5b5c562a6b193a3cfe4a954dd513" alt="ZHPDiag2.jpg" />
|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag_Installation.jpg&key=96a003c16d3f0c4253ed9d913f8dbccdccf05e2d319057541335ce11db36eedb" alt="ZHPDiag_Installation.jpg" />
|- Confirme todos os passos,ao instalar ZHPDiag.
|- Conclua a instalação,clicando em "Termine".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_MBRCheck.jpg&key=422695ace691aac35aeb3c90e3a6a983cfe4bf8e09e8b7c24f682693d9ed8b14" alt="ZHPDiag_MBRCheck.jpg" />
|- Ps: Após a instalação,além de ZHPScript,estarão disponíveis no desktop:
|- <1> MBRCheck
|- <2> ZHPDiag2
|- <3> ZHPFix
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_cones.jpg&key=28df64f28f8eccaf2ff09c97b834aecbbd25cab9f58be4d67df683b802f5731a" alt="ZHPDiag_cones.jpg" />
|- Clique no ícone do pergaminho. ( ZHPScript )
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Update.jpg&key=023d5cefa9a24da0bb233d6c3e9cfa2c6e9791d4b2e637615413003efcd1974c" alt="ZHPDiag_Update.jpg" />
|- Clique na seta verde para atualizá-la e/ou baixar sua definição mais recente. ( Your version is update. )
|- Habilite todas as opções de diagnóstico,clicando em "Options".
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPDiag_All.jpg&key=3039b3237721774c7ab0d572b8e334e5c59ce98a6435f488397e0b5452ea4640" alt="ZHPDiag_All.jpg" />
|- Clique em All.
|- Desmarque,à seguir,as caixinhas de n° O45,O61,O62,O65,O82.
|- /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_30days.jpg&key=4e2e7f7c08dde47e5d0f7001510ca78ffc8d42a4df5b5c0087e1aee884192fea" alt="ZHPDiag_30days.jpg" />
|- Clique em "Calendar" e escolha 30 dias!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/ZHPDiag_UAC.jpg&key=f03b919472ff9f0d8a3597cdd2980adb445695813761dfe0f41961f0b4893a7b" alt="ZHPDiag_UAC.jpg" />
|- Clique no botão UAC,para desabilitar essa proteção.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Lupa.jpg&key=8c7d977ff17da07a9b2472916401a7cf33c310788cb5a2891a5ebdc78642cd4e" alt="ZHPDiag_Lupa.jpg" />
|- Dê início ao scan,clicando no ícone da lupa. ( Start Diagnosis )
|- Ao concluir,clique em "Save Report".
|- Salve-o em um local conveniente! ( ZHPDiag.txt )
|- Ps: Não poste,diretamente,esse arquivo texto.
|- Envie-o à http://forum.imasters.com.br/topic/452207-pjjointmalekal-hospedagem-inteligente/'>Pjjoint.malekal,clicando na seta azul! < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag_Pjjoint-1.jpg&key=e6b4e6e3b19c50d6f2496ead0bcc87ac5ce8da02d5c381929fc5543e68ca06b0" alt="ZHPDiag_Pjjoint-1.jpg" /> >
|- Ou acesse: http://cjoint.com/'>/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Cjoint_Logo.jpg&key=bc3f249ffa4fec167155636520ebfd1fed8f6c8d63b5aa0b8cd82fb55aa2edb7" alt="Cjoint_Logo.jpg" /> << Link!
|- Ou acesse: http://imgbox.com/abmdaZsE'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abmdaZsE.jpg&key=433ccdd2cd040bd965a0b2bee3887132a2fd78ca8d607165658bf45467e220f0" alt="abmdaZsE.jpg" /> << Link!
|- Maiores informações: < |http://forum.imasters.com.br/topic/452911-myfiletk-cjoint/'>Link| >
A+
Boa Tarde! michel+
|- O relatório disponibilizado está incorreto!
######
Rapport de ZHPDiag v2013.4.16.xx par Nicolas Coolman, Update du 15/04/2013
######
|- Relatório correto! ( ZHPDiag )
######
Rapport de ZHPScript, Générateur de script Registres v1.10 par Nicolas Coolman, Update du 15/04/2013
######
|- Relatório incorreto ou não pedido. ( ZHPScript )
|- Tente,então,com ZHPDiag_silent.
|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Silent.jpg&key=b108c6f3da4b9ebe004c6fc63c6e29fc4f2043056612e16f58c8a6da9600eaea" alt="ZHPDiag_Silent.jpg" /> > ( ... par Nicolas Coolman )
|- Salve-o no desktop!
|- Desabilite seu antivírus!
|- Caso utilize o Avast,estabeleça esta configuração à SandBox.
|- Para Windows Vista ou 7,clique direito e execute o arquivo como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
|- Aguarde a conclusão do scan e clique em "Copier". <- Aguarde!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_4cones.jpg&key=1fa875282159446f710d915aa0f19515c10ea929b8487f1466b6ce34a529ae11" alt="ZHPDiag_4cones.jpg" />
|- Além do relatório,teremos no desktop: ZHP_uninstall, MBRCheck, ZHPDiag, ZHPFix
|- Poste e/ou cole aqui,o link que será gerado,logo após o relatório.
|- Maiores informações: < |Link| >
A+
Seria então este log?
http://cjoint.com/13av/CDraICFHe3j.htm
Pois o meu está diferente - não aparece a opção UAC - e também tem só 2 ícones na área de trabalho (ZHPDiag e ZHPFix).
Este ultimo programa que me passou está com o link quebrado.
>
Seria então este log?
http://cjoint.com/13av/CDraICFHe3j.htm
Pois o meu está diferente - não aparece a opção UAC - e também tem só 2 ícones na área de trabalho (ZHPDiag e ZHPFix).
Este ultimo programa que me passou está com o link quebrado.
Bom Dia! michel+
|- O log está correto!
|- Quanto ao link de ZHPDiag_silent,irei investigar!
-/-
|- Baixe: < http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe'>RogueKiller > ( ... par tigzy ) ( 32 bits version )
|- Ou: < http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/ablsEVeT.jpg&key=ebe62f6e6b003c3e23d8db0ff92a90e81df2d7816af5fecaeb9b0fd72c8fa9e7" alt="ablsEVeT.jpg" /> > ( ... par tigzy ) ( 64 bits version )
|- Salve-o no desktop! /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/RogueKiller_Logo.jpg&key=99f754ad8ac3afe28f2674c5df4045eed7cd3d0d73384947ed6af1127ec30157" alt="RogueKiller_Logo.jpg" />
|- Feche aplicativos que estejam abertos!
|- Execute RogueKiller.exe e aceite a Eula.
http://imgbox.com/abeo9i3V'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abeo9i3V.jpg&key=28fdbc4031eead1b4262f4375d709e2ef75c8fa438c4d53edbfcfd7071cbb903" alt="abeo9i3V.jpg" />
|- Aguarde a finalização de seu Pre-scan.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/RogueKiller_Scan2.jpg&key=02afd4d0311ea8fed8ddb59a023987cb25f7d895ebf760d1c7192afebdbba6f1" alt="RogueKiller_Scan2.jpg" />
|- Dê início ao diagnóstico,clicando no botão "Verificar".
|- Exemplo: Mode: Verificar -- Date: mm/dd/2013 00:52:24
|- Poste o relatório: RKreport[1].txt
-/-
|- Feche programas/pastas que estejam abertas.
|- Feche,também,o navegador!
|- Para Windows Vista,desabilite a http://windows.microsoft.com/pt-BR/windows-vista/Turn-User-Account-Control-on-or-off'>UAC.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPFix_Logo.jpg&key=e1490e388cb3365073cd3d8484ad299330f9c980ec992ca5e2d4b57fd46b5d7b" alt="ZHPFix_Logo.jpg" />
|- Dê um duplo clique em ZHPFix.
|- Selecione e copie estas informações,que estão em vermelho,para o "Bloco de Notas".
>
[MD5.00000000000000000000000000000000] [APT] [{BF200829-2209-4B85-9D85-F81A3B2751FD}] (...) -- F:\age2upa.exe (.not file.) [0][MD5.00000000000000000000000000000000] [APT] [{D06A03FD-0B91-4D90-A141-AD256DD5A1AA}] (...) -- C:\users\user\Documents\Mipony\Shockwave_Installer_Slim.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EA6DE2D8-8E72-47F0-AC30-D958F3545705}] (...) -- D:\_8_WoS_Across_Amer_CB559339BA17490596ECB7717F7A6A80.exe (.not file.) [0]
[MD5.A81C790A91A018D3BB8B344E4E90A95F] [sPRF][15/04/2013] (...) -- C:\Users\user\AppData\Local\Temp\~upgrade.dat [806]
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Orphean Key
O43 - CFD: 31/07/2012 - 15:03:59 - [0] ----D C:\ProgramData\hssff
O43 - CFD: 16/04/2013 - 19:16:58 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 14/04/2013 - 14:02:10 - [0] ----D C:\Users\user\AppData\Local\gctmp
O43 - CFD: 12/04/2013 - 23:12:42 - [0,000] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 16/04/2013 - 16:53:38 - [0,000] ----D C:\ProgramData\Baidu
O43 - CFD: 12/04/2013 - 23:13:12 - [289,256] ----D C:\ProgramData\Baidu Security
O43 - CFD: 16/04/2013 - 17:20:55 - [0,001] ----D C:\Users\user\AppData\Roaming\Baidu
O43 - CFD: 12/04/2013 - 23:12:34 - [1,056] ----D C:\Users\user\AppData\Roaming\Baidu Security
O44 - LFC:[MD5.10195B1ACFDA8DB4CCF0D4722C3FF6B4] - 16/04/2013 - 16:02:31 ---A- . (...) -- C:\AdwCleaner[s1].txt [1244]
O53 - SMSR:HKLM\...\startupreg\vProt [Key] . (...) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\{F3B564FA-AB4B-43F0-AC42-B4ED20890B26} [Key] . (...) -- wscript \\b \\Nologo "C:\Users\user\AppData\Local\Temp\{F3B564FA-AB4B-43F0-AC42-B4ED20890B26}.wsf" "\delete:{CD244BF5-F412-462F-A358-E1CA75C16E3F}.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {35EF27E1-528F-4123-705B-1A1741D79646} - (AVG Secure Search) - http://isearch.avg.com
O69 - SBI: prefs.js [user - qxdfiylv.default] user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"26\",\"lastVrsn\":\"26\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\[...]
O69 - SBI: SearchScopes [HKCU] {03A0B731-AD8A-4E88-9FF8-56828962E093} - (Funmoods) - http://start.funmoods.com
[HKCU\Software\BI]
[HKCU\Software\Baidu Security]
[HKCU\Software\BearShare]
[HKLM\Software\Wow6432Node\360Safe]
[HKLM\Software\Wow6432Node\Trymedia Systems]
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}]
[HKLM\SYSTEM\CurrentControlSet\Services\HssSrv]
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Setup_RASAPI32]
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Setup_RASMANCS]
[HKLM\Software\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}]
C:\ProgramData\hssff
C:\ProgramData\Baidu
C:\Users\user\AppData\Roaming\Baidu
proxyfix
emptytemp
emptyclsid
emptyflash
firewallraz
sysrestore
|- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"
|- Minimize o Bloco de Notas.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_PasteClipboard.jpg&key=e48613cfa6f79756d0d3087d1f9470f91a4d063f3d1285295d93d87cacbfb63d" alt="ZHPDiag_PasteClipboard.jpg" />
|- Clique no menu,"Paste ClipBoard".
|- Clique "GO" -> Oui.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPFix_GO.jpg&key=558fe81face1e694faa61f1e0c3985db203e8ad910d59aa68f5da5f2fd114f02" alt="ZHPFix_GO.jpg" />
|- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.
|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt
A+
Boa Tarde! michel+
|- Abra,novamente,a ferramenta RogueKiller.
|- Clique em Verificar.
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/RogueKiller_Atualizado.jpg&key=0172c47c206813e7c9b9bee3f9524438470dd782fdca35036503f8ecbc358cef" alt="RogueKiller_Atualizado.jpg" />
|- Clique na guia "Registro".
>
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> ENCONTRADO
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> ENCONTRADO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> ENCONTRADO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> ENCONTRADO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> ENCONTRADO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> ENCONTRADO
[HJ] HKLM\[...]\System : EnableLUA (0) -> ENCONTRADO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> ENCONTRADO
|- Marque as checkbox destas entradas!
|- Clique "Deletar" e aguarde a conclusão!
|- À seguir,clique na guia "Atalho" e realize sua correção ou reparo.
|- Poste os relatórios!
|- Poste,também,HijackThis atualizado! << Log!
A+
RK - qual seria?
http://cjoint.com/13av/CDrtSMWH7Di.htm
http://cjoint.com/13av/CDrtQE4QEF5.htm
HijackThis
Boa Tarde! michel+
|- Você postou corretamente os relatórios de RogueKiller. São esses mesmos!
|- Remova as ferramentas que foram empregadas,com o DelFix.
-/-
|- Baixe: |http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/9-delfix'>DelFix| ( ... de Xplode )
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/DelFix_SetaVerde.jpg&key=a562af283f81224b0096f109e2c85fcde8abae0d109a59c91160b5f99a23e243" alt="DelFix_SetaVerde.jpg" />
|- Estando na página,clique na seta verde para o download.
|- Salve-a em um local conveniente! ( desktop! )
|- Feche aplicativos que estejam abertos.
http://imgbox.com/aciCkcnc'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/aciCkcnc.jpg&key=64869378cfa4b064d7b47039e3c62f5b7663c245630c39d83d544fa67ef7cd81" alt="aciCkcnc.jpg" />
|- Execute-a!
|- Com as duas checkbox marcadas!
|- Clique "Run".
-/-
|- Otimize o PC,com o JetClean + JetBoost.
|- Baixe: < http://majorgeeks.com/downloadget.php?id=7226&file=1&evp=41637a00edff17468e59cba2d9bcf6bf'>JetClean 1.3.0 Final > ( ... by BlueSprig )
|- Salve-o em Arquivos de programas. ( jetclean-setup.exe )
http://imgbox.com/adzVh9sP'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/adzVh9sP.jpg&key=38fb084fc03b8990854fb91b7552a8f85295f866ef8fd174b17fb5ff781b3096" alt="adzVh9sP.jpg" />
|- Instale o software e na guia "1-Click",escolha a opção "Registry Clean.
|- Vá em "Scan Now" e escolha: Shut down PC after Repair
< http://www.bluesprig.com/jetboost.html'>JetBoost >
http://imgbox.com/adcx3QVr'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/adcx3QVr.jpg&key=f551791e9ccb6a3050f8f1a15bce3f5f34262d707bdf2d77ba275768c6193ec8" alt="adcx3QVr.jpg" />
|- À seguir,tente melhorar a performance com o JetBoost.
|- Tudo Ok?
Abs!
Por enquanto está muito melhor....
Tomara que continue assim.
Mas, depois que acabei de fazer tudo que me recomendou, resolvi excluir uma imagens desnecessárias, dai tive vontade de escutar musicas, dai me deparo com um monte de musicas sem programa para roda-lás, tinha pensado que elas tinham sido corrompidas, mas fiz a seleção de programa e deu tudo certo,! :D
Muito obrigado pela ajuda e, se eu precisar de algo novamente venho incomoda-los aqui novamente! :yay:
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
Boa Tarde! michel+
|- Baixe: < http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner'>/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/adwcleaner_logo.jpg&key=e2bde0dd8c13fd52e18ca6fc88e8f2d73040a387059f8bc22a53202f0de6f95f" alt="adwcleaner_logo.jpg" /> > ( ... par Xplode )
|- Ao acessar,clique na imagem: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Tlcharger.jpg&key=2319bbcd35144166c25768473f26c7f193a7ab5036b9479bd1465d8257d6f6b2" alt="AdwCleaner_Tlcharger.jpg" /> >
|- Ps: Se utilizar o navegador IE9,desabilite o filtro "SmartScreen".
|- Salve-o no desktop!
|- Clique direito em adwcleaner.exe,e escolha sua execução como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
|- Ps: Dê início ao scan,clicando em "Remover". < http://imgbox.com/abpXmu2U'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abpXmu2U.jpg&key=ba3ca278ff9701ebe84a46dc01caabecb05660294243097bd9cdadad470fa662" alt="abpXmu2U.jpg" /> >
http://imgbox.com/acuDr4Nb'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acuDr4Nb.jpg&key=492da95813cfa0b62258768d3d470b9ceb78ca09dae770ecd9b6708eee1aab5e" alt="acuDr4Nb.jpg" />
|- Ao concluir,poste o relatório: C:\AdwCleaner[S1].txt
-/-
|- Baixe: < http://thisisudax.org/downloads/JRT.exe'>/applications/core/interface/imageproxy/imageproxy.php?img=http://i48.tinypic.com/1268r49.png&key=be85c7a026af0cb092d2f868777759c6b4bd667a01f00e36e91558a667424520" alt="1268r49.png" /> > ( ... de Thisisu )
|- Salve-o no desktop!
|- Para Windows 7,clique direito em JRT.exe e execute-o como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
|- Aguarde a conclusão e poste o relatório. ( JRT.txt )
|- Poste,também,HijackThis atualizado.
A+